Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Wireguard not running despite following multiple guides

    Scheduled Pinned Locked Moved WireGuard
    2 Posts 2 Posters 303 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      Frosch1482
      last edited by Frosch1482

      Hi,

      I have the following topic:

      Pfsense Box and i try to establish a WG connection from my LAN (test purpose). Once it works I want to use it mainly on my phone, to access my network.

      Tunnel config
      b32cdeca-0795-44a9-89c0-27db66a820f0-image.png

      Peer Config
      220de0da-4b0c-43dd-9797-33915e0795f1-image.png

      WAN pass all rule
      555f83d6-116d-4ce8-ab95-057a19e7fd71-image.png

      Interface WG (as far as I understood this is not fully necessary, I can use WireGuard standard interface as well)
      e75e8544-f4b5-46cb-aade-e3ddaa002c23-image.png

      Interface
      25557aa9-7dc9-4317-b88a-57041d4c0c7e-image.png

      Config for Windows WG-Client
      [Interface]
      PrivateKey = MHfi3+xTHD5abSTl4KCHdQB0lCXXXXXXXXXXXXXXXXX
      Address = 10.0.200.5/24
      DNS = 8.8.8.8, 8.8.4.4

      [Peer]
      PublicKey = pTB98cD4f8Khwf1NLgocAbu+wnZ4T8AXXXXXXXXXXXX
      AllowedIPs = 10.0.200.0/24, 10.0.0.0/24
      Endpoint = xxxxxxx.dyndns.net:51820

      I tried also the full tunnel with AllowedIPs 0.0.0.0/0

      in all cases the PfSense address 10.0.0.1 is not reachable

      What am I doing wrong? can´t figure out the mistake since hours. All guides on Youtube are slightly different, but they all come more ore less to the config I applied.

      EDIT: in the meantime I removed the SharedKey from the Peer and Config (screenshot with sharedKey is therefore wrong) Now without sharedKey google.com is reachable.

      Thank you
      BR
      Frosch1482

      J 1 Reply Last reply Reply Quote 0
      • J
        Jarhead @Frosch1482
        last edited by

        @Frosch1482 For starters change the interface to a /24. You have it as a /32.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.